While many Apple hackers have suggested the iPhone to be quite hackable, and even exposed some major security flaws [1][2] (subsequently patched), thus far there are no known pieces of malware in the wild which target users of stock iPhones. There are only four known pieces of malware, according to Intel Corp. (INTC) unit McAfee, all of which exclusively target jailbroken iPhones [1][2].

Meanwhile, Android has seen malware rise by 76 percent over the last year. There's now 44 known pieces of malware that target standard versions of Android. Recently the first Android botnets have appeared prompting U.S. carrier AT&T, Inc. (T) to roll out free protection to its subscribers. Botnets are networks of infected computers typically used to send spam or execute distributed denial of service attacks.

Other common pieces of malware include what McAfee calls "crimeware", malware which disguises itself as seemingly legitimate apps -- often repackaged versions of best-selling apps. The apps often contain code to send premium-rate text messages. Recent reports have put the infection rates for this kind of malware at as high as 260,000 phones earlier this year.

Similar attacks have targeted Finnish phonemaker Nokia Oyj.'s (HEL:NOK1V) Symbian platform and Research in Motion's (TSE:RIM) Blackberry's, though McAffee says the number of those malicious apps are smaller.

McAfee claims the second most infected platform is the multi-device Java ME platform, acquired and maintained by Oracle Corp. (ORCL) after its acquisition of Sun Microsystems.

The reason for Apple's superior security is the topic of much heated debate. While Android's sales volume may make it the most tempting target, the iPhone is still posting a large sales, so you would expect it also to be targeted by criminals.

Possible factors affecting Apple's security include its stricter monitoring of its app store. While Apple has been much-criticized for being too heavy-handed, Google's laissez-faire approach has lead the OS-maker to struggle to maintain a secure marketplace. Another possible factor includes the fact that Google still sells many handsets with outdated version of Android, like Android 1.5 or 2.1 -- versions which may be more vulnerable to exploitation.

In related news, Apple received more pleasant news recently on the security front. The news concerned MacDefender, a fake antivirus trojan, which infected as many as one in every twenty Mac computers in June.

Following a raid and arrest of suspected Russian spam kingpin Pavel Vrublevsky (who ironically worked for the Russian government as an anti-spam chief), MacDefender variants are drying up in the wild.

For a while Apple was struggling to keep up with the volume of new variants. Russian police found evidence on the computers of Mr. Vrulevsky's online payment firm Chronopay linking it to paying Russian hackers to create new version of MacDefender.

With Mr. Vrublevsky's imprisonment the virus seems to be on its last legs, suggesting the Russian was a major mastermind behind the wildly successful Mac attack.

Mr. Vrublevsky was originally exposed by Brian Krebs of The Washington Post. Following our piece on the topic we received the following email from Chronopay:

Dear Brandon,Let me introduce myself.My name is Lidia Golikova, I am communications director in Chronopaycompany. I am writing You as Ethics representative of DailyTech concerningthe article writing by Jason Mick Russian government is investigatingthe incidenthttp://www.dailytech.com/Russian+AntiSpam+Chief+Caught+Spamming/article18423.htm?utm_source=twitterfeed&utm_medium=twitter.We would be very appreciate, if you could remove this article from yoursite, because it is doubtful and discredited our company.Moreover this article was published early - a half a year ago - in anotherweb site. Here it is linkhttp://ledgerlink.monster.com/news/articles/1064-russian-anti-spam-chief-caught-spamming.You could guess why one person writes the similar articles on onesubject in different media.Speaking about http://ledgerlink.monster - it is small web site for veryshort professional audience that is why we did not contact with them. ButDailyTech is respectful leading online magazine for a well-educatedaudience. Much people read you and hear your opinion. That is why to ouropinion it is very important that correct information will be publish inyour magazine.opinion it is very important that correct information will be publish inyour magazine.I hope for understanding and cooperation,Best regards,Lidia Golikova

Apparently we were justified in standing behind the piece.

Comments

Threshold

Username

Password

remember me

This article is over a month old, voting and posting comments is disabled